How many controls does FIDO2 and W3C WebAuthn Standard have?

FIDO2 and W3C WebAuthn Standard contains 22 controls organized across 5 domains.

Where does FIDO2 and W3C WebAuthn Standard apply?

FIDO2 and W3C WebAuthn Standard is applicable in International (W3C / FIDO Alliance). Organizations operating in or serving customers in this jurisdiction should evaluate its requirements.

What frameworks does FIDO2 and W3C WebAuthn Standard map to?

FIDO2 and W3C WebAuthn Standard has control-to-control mappings with 448 other compliance frameworks in our database. Use our compliance platform to explore these mappings interactively.

How do I get started with FIDO2 and W3C WebAuthn Standard compliance?

Start by understanding the framework's key controls and domains. Our compliance platform provides AI-powered gap analysis and mapping tools to help you assess your current posture and build a remediation plan.

FIDO2 and W3C WebAuthn Standard

FIDO2 (Fast IDentity Online) comprises the W3C Web Authentication (WebAuthn) specification and the FIDO Alliance Client-to-Authenticator Protocol (CTAP). WebAuthn Level 3 (2025) enables passwordless authentication using public key cryptography.

Domains

Security and Privacy Requirements

Attestation and Trust

Authenticator Requirements (CTAP2)

Authentication Ceremony

Registration Ceremony

Frequently Asked Questions

Map FIDO2 and W3C WebAuthn Standard to any other framework

Use our AI-powered compliance platform to find control overlaps, gaps, and build remediation plans in seconds.

Try Free on Compliance Platform